<header> <div class="logoContainer"> <!-- <img src="logo-bar.png"> --> </div> <div class="button"> <p><a href ="index.php">Index</a></p> </div> <div class="button"> <?php if ($cookie_handler->cookie_exists($cookie_name)) { $user_cookie = $cookie_handler->get_cookie($cookie_name); if ($cookie_handler->validate_cookie($user_cookie) == true) { print "<p><a href =\"logout.php\">Logout</a></p>"; } else { $cookie_handler->delete_cookie($cookie_name); print "<p><a href =\"login.php\">Login</a></p>"; } } else { print "<p><a href =\"login.php\">Login</a></p>"; } ?> </div> <div class="button"> <?php if ($cookie_handler->cookie_exists($cookie_name)) { $user_cookie = $cookie_handler->get_cookie($cookie_name);
function authenticate_user($required_authority_level) { $cookie_handler = new CookieHandler(); $color = "hsla(360, 100%, 50%, 0.9)"; if ($cookie_handler->cookie_exists("compsec") == true) { $user_cookie = $cookie_handler->get_cookie("compsec"); if ($cookie_handler->validate_cookie($user_cookie) == true) { // Fetch user data $results = get_user_data($user_cookie->get_uuid()); $user_authority_level = $results[4]; // Check authentication level if ($user_authority_level < $required_authority_level) { print "<div class=\"box\" style=\"background-color:" . $color . ";margin-top:25px;\">You are not authorized to view this page.</div>"; exit; } } else { print "<div class=\"box\" style=\"background-color:" . $color . ";margin-top:25px;\">Invalid cookie. You need a valid login with the appropriate permissions in order to access this page.</div>"; exit; } } else { print "<div class=\"box\" style=\"background-color:" . $color . ";margin-top:25px;\">You need to be logged in to access this resource.</div>"; exit; } }